Security


BeastTheKidd

I need some help on the topic of security. What are the best methods to secure scripts, whether it be built from ground up or edited? I'm hoping that some of you can provide some information on this topic, as I'm sure it would be useful to me, and many new coders out there that got sucked into the black hole that is mccodes :) Thanks, -Dillion

Also, I've provided a minor example of what I know best, so please feel free to comment on things I could work on, things that are good, etc. ( And I understand constructive criticism, but don't be a jerkoff about it. )

http://pastebin.com/qP1WAG64

The main idea here is that when someone tries to login, it first checks the database for the username input. If the database contains that username ( since there will be no duplicate usernames, due to the fact that I have my usernames and display names separated ), check the password. The password is the password the user chose at registration, combined with a random salt ( generated at registration ), and then hashed with sha1. This ( if I'm correctly assuming and applying the method correctly ) will ensure that even if 2 users have the same password, and someone ( aka low life ) were to rainbow table a certain password hash, then they would find only 1 user's information, rather than everyone with the same password. It does require an extra query, but I believe it's worth it.

Also, something that I saw in (dreaded) McCodes is that they were selecting EVERYTHING in their users table, just in their globals. Now, why would you need all this information? Wouldn't it be better if say, in my file that I include in all pages, I selected the member id and any other NEEDED info at the time? In the globals I would select anything, such as the member's id, display name, currency values, etc. but why select the username? The username should only be touched in 3 scenarios:

Scenario #1: When the user registers an account, the username should be inserted into the database, never to be touched again, unless for #2 and #3.

Scenario #2: Login. When you're authenticating the user, obviously you need to check.

Scenario #3: Re-auth. When you have important information and you want the user to re-authenticate for security purposes.

In this, I do not see any reason why I would need the login name in a forum... That's 1. Overkill on the db, and 2. A security risk. Of course, if all the variables were properly sanitized, this wouldn't be much of an issue as far as SQL injection goes, so I refer to #1, and the fact that it is plain and simple useless to select more than you need.

If I'm incorrect please tell me, but I believe I'm correct in saying that... and to add, say I wanted to see what house a user has. Well, why kill the db with extra info, when I could just select the house in a query when it's needed?

Edited by BeastTheKidd
Salt experimentation.
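The login flow the post describes (look the username up, then check salt + password hashed with sha1, and select only the columns a page needs), written out as an added example. This is not the pastebin code, nor McCodes code; the table and column names (users, username, display_name, salt, pass_hash) are assumptions, and it uses an in-memory SQLite database through PDO so it runs stand-alone. Two things worth taking from it beyond the post: prepared statements mean the username is always passed as data rather than spliced into the query, and hash_equals() compares the hashes in fixed time. For new code, password_hash()/password_verify() is the standard replacement for a hand-rolled salt + sha1; sha1 is kept here only to mirror the scheme in the post.

```php
<?php
// Added example (not from the original post or from McCodes): the login flow
// described above with a per-user random salt, PDO prepared statements and a
// fixed-time comparison. Table/column names are assumptions. In-memory SQLite
// keeps it self-contained.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    username TEXT NOT NULL UNIQUE,
    display_name TEXT NOT NULL,
    salt TEXT NOT NULL,
    pass_hash TEXT NOT NULL
)');

// Registration: one fresh random salt per account, stored next to the hash.
function register(PDO $db, string $username, string $display, string $password): int
{
    $salt = bin2hex(random_bytes(16));
    $hash = sha1($salt . $password);   // the post's scheme; see note above
    $stmt = $db->prepare(
        'INSERT INTO users (username, display_name, salt, pass_hash) VALUES (?, ?, ?, ?)'
    );
    $stmt->execute([$username, $display, $salt, $hash]);
    return (int) $db->lastInsertId();
}

// Login: fetch only what the check needs (no SELECT *), then recompute and compare.
function login(PDO $db, string $username, string $password): ?int
{
    $stmt = $db->prepare('SELECT id, salt, pass_hash FROM users WHERE username = ?');
    $stmt->execute([$username]);        // username is bound as data, never as SQL
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return null;                    // unknown username
    }
    $calc = sha1($row['salt'] . $password);
    // hash_equals() does not stop at the first differing byte.
    return hash_equals($row['pass_hash'], $calc) ? (int) $row['id'] : null;
}

// Per-page globals: only the columns pages actually use; the username is not among them.
function loadSession(PDO $db, int $id): array
{
    $stmt = $db->prepare('SELECT id, display_name FROM users WHERE id = ?');
    $stmt->execute([$id]);
    return $stmt->fetch(PDO::FETCH_ASSOC) ?: [];
}

// Constructed sample data: two accounts that chose the same password.
$alice = register($db, 'alice', 'Alice', 'hunter2');
$bob   = register($db, 'bob', 'Bob', 'hunter2');

// Same password, different salts, so the stored hashes differ.
$hashes = $db->query('SELECT username, pass_hash FROM users')->fetchAll(PDO::FETCH_KEY_PAIR);
var_dump($hashes['alice'] !== $hashes['bob']);

// Correct password logs in; wrong password does not.
var_dump(login($db, 'alice', 'hunter2') === $alice);
var_dump(login($db, 'alice', 'wrong') === null);

// A username containing quote characters is matched literally by the prepared
// statement, so it simply finds no such account.
var_dump(login($db, "alice' OR '1'='1", 'hunter2') === null);

// What the include file would load for the rest of the page.
var_dump(loadSession($db, $alice));
```

Run it with `php example.php`. The three var_dump() checks on login() are the properties the post argues for: the salt makes equal passwords produce unequal hashes, and the lookup by username only ever pulls id, salt and pass_hash, while the per-page session load pulls id and display_name and nothing more.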